package com.sinosoft.system.primary.interceptor;

import java.io.Writer;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.sinosoft.system.primary.biz.SysMenuBiz;
import com.sinosoft.system.primary.biz.SysTokenBiz;


public class TokenInterceptor implements HandlerInterceptor {
	
	@Autowired
	private SysMenuBiz sysMenuBiz;
	
	@Autowired
	private SysTokenBiz sysTokenBiz;

	@Override
	public void afterCompletion(HttpServletRequest arg0,
			HttpServletResponse arg1, Object arg2, Exception arg3)
			throws Exception {
	}

	@Override
	public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
			Object arg2, ModelAndView arg3) throws Exception {
	}

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
			Object arg2) throws Exception {
		return true;
//		//request.getHeader("Authorization");
//		String authHeader = "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjMxMjMiLCJyb2xlSWRzIjoiIiwicm9sZXMiOiIiLCJpc3MiOiJxaWFubml1a2VqaSIsImlhdCI6MTQ4NjgxMjA5MywiZXhwIjoxNTAyMzY0MDkzLCJuYmYiOjE0ODY4MTIwOTN9.1nb77R9MI3ONX-eThn0gTRr5CHyQKbjNyRhRDTVTRcY";
//		Cookie[] cookies = request.getCookies();
//		if (authHeader == null || !authHeader.startsWith("Bearer ")) {
////            throw new ServletException("Missing or invalid Authorization header.");
//            Writer wt = response.getWriter();
//			wt.write("0");//长时间未登陆
//			return false;
//        }
//		String token = authHeader.substring(7); // The part after "Bearer "
//		Claims claims = Jwts.parser().setSigningKey("secretkeyshangxp")
//	                .parseClaimsJws(token).getBody();
////		String id = claims.getId();
//		String username = claims.getSubject();
//		String roleIds = claims.get("roleIds").toString();
//		String roles = claims.get("roles").toString();
//		String issuer = claims.getIssuer();
//		Date expdate = claims.getExpiration();
//		String uri = request.getRequestURI();
//		//String[] uris = uri.split("/");
//		List<String> queryKeys = new ArrayList<String>();
//		List<Object> queryValues = new ArrayList<Object>();
//		queryKeys.add("username");
//		queryValues.add(username);
//		queryKeys.add("jwt");
//		queryValues.add(token);	
//		if(uri.contains("/SysUser/login")||uri.contains("/SysUser/logout")){//登陆登出允许过
//			return true;
//		}else if (issuer==null||!"qianniukeji".equals(issuer)){// 不是牵牛科技的请求
//			Writer wt = response.getWriter();
//			wt.write("0");
//			return  false;
//		}else if (expdate.before(new Date())){//到期时间小于当前时间，重新登陆
//			Writer wt = response.getWriter();
//			wt.write("0");//长时间未登陆
//			return  false;
//		}else if(sysTokenBiz.selectCountSysToken(queryKeys, queryValues)>0){//检查用户是否已登陆
//			if (roleIds!=null&&!"".equals(roleIds.trim())&&sysMenuBiz.isPermitted(roleIds, uri)){//检查权限访问
//				return  true;
//			}else{
//				Writer wt = response.getWriter(); //
//				wt.write("0");
//				return  false;
//			}
//		}else{
//			Writer wt = response.getWriter(); //
//			wt.write("0");
//			return  false;
//		}
	}

	public SysMenuBiz getSysMenuBiz() {
		return sysMenuBiz;
	}

	public void setSysMenuBiz(SysMenuBiz sysMenuBiz) {
		this.sysMenuBiz = sysMenuBiz;
	}

	public SysTokenBiz getSysTokenBiz() {
		return sysTokenBiz;
	}

	public void setSysTokenBiz(SysTokenBiz sysTokenBiz) {
		this.sysTokenBiz = sysTokenBiz;
	}
	

}
